﻿using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class userControl_Login : System.Web.UI.UserControl
{
    SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["connectionString"].ConnectionString);
    SqlCommand com;

    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["stu_ID"] == null)
        {
            Panel1.Visible = true;
            Panel2.Visible = false;
        }
        else
        {
            Panel2.Visible = true;
            Panel1.Visible = false;
            lblUsername.Text = Session["stu_username"].ToString();
        }
    }
    //Connect DB, check user and Login to system
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        con.Open();
        string strCheckUser = "select count(*) from StudentAccount where stu_username = '" + txtUsername.Text.Trim() + "'";
        com = new SqlCommand(strCheckUser, con);
        int n = Convert.ToInt32(com.ExecuteScalar().ToString());
        con.Close();

        if (n == 1)
        {
            con.Open();
            string strCheckPass = "select stu_password from StudentAccount where stu_username = '" + txtUsername.Text.Trim() + "'";
            SqlCommand command2 = new SqlCommand(strCheckPass, con);
            string pass = command2.ExecuteScalar().ToString().Replace(" ", "");
            if (pass == txtPassword.Text)
            {
                Response.Write("Login Successful");
                Panel1.Visible = false;
                Panel2.Visible = true;
                Session["stu_username"] = txtUsername.Text;
                lblUsername.Text = Session["stu_username"].ToString();
            }

            else
            {
                lblMsgLogin.Text = "Password Error!";
            }
        }
        else
        {
            lblMsgLogin.Text = "Username Error!";
        }
    }

    protected void bantLogout_Click(object sender, EventArgs e)
    {
        Session["stu_username"] = null;
        txtPassword.Text = "";
        txtUsername.Focus();
    }
}